Руководство По Устранению Ошибки для Cisco Cisco Packet Data Gateway (PDG)
Global Configuration Mode Commands
local-user allow-aaa-authentication ▀
Cisco ASR 5000 Series Command Line Interface Reference ▄
OL-22947-02
local-user allow-aaa-authentication
Enables/disables the use of administrative accounts other than local-user administrative accounts.
Product
All
Privilege
Security Administrator, Administrator
Syntax
Disables administrative user accounts other than local-user accounts.
Returns this parameter to its default setting of enabled.
Usage
Local-user administrative accounts are separate from other administrative user accounts configured at the
context level (Security Administrator, Administrator, Operator, and Inspector).
Context-level administrative users rely on the system‘s AAA subsystems for validating user names and
passwords during login. This is true for both administrative user accounts configured locally through a
configuration file or on an external RADIUS server.
Since the T1.276-2003 password security mechanisms are supported only for local-user administrative
accounts and not for the AAA-based administrative accounts, this command provides a mechanism for
disabling AAA-based administrative accounts.
By default, AAA-based administrative accounts are allowed.
context level (Security Administrator, Administrator, Operator, and Inspector).
Context-level administrative users rely on the system‘s AAA subsystems for validating user names and
passwords during login. This is true for both administrative user accounts configured locally through a
configuration file or on an external RADIUS server.
Since the T1.276-2003 password security mechanisms are supported only for local-user administrative
accounts and not for the AAA-based administrative accounts, this command provides a mechanism for
disabling AAA-based administrative accounts.
By default, AAA-based administrative accounts are allowed.
Example
The following command forces the system to authenticate local-user accounts based only on the information in the
security account file on its CompactFlash:
The following command forces the system to authenticate local-user accounts based only on the information in the
security account file on its CompactFlash: